Wednesday, January 28, 2015

A hospital in San Francisco has notified 844 patients that their medical records may have been breached by a pharmacist employee. The pharmacist has since been terminated.

A breach of 14 patients was discovered in October 2014 and further investigation found a total of 844 patients' had been accessed without an apparent valid purpose. The information accessed included patient demographics, last four digits of social security number, clinical information including diagnosis and clinical notes, and prescription information.

"A pharmacist employee may have accessed [patients'] records without a business or treatment purpose." - Hospital's website

The breaches occurred between October 2013 to October 2014. It is unclear why the breaches were no discovered until October 2014. Healthcare organizations seeking proactive detection of data privacy breaches can utilize low-cost on-demand Saas analytics services.